Security Alerts and Updates

  Latest Security Updates for Apple Software→
•  AV Mac Security Test & Review 2019→
•  AV Real-World Protection Test July-October 2019→
•  AV Malware Protection Test September 2019→
•  AV Performance Test October 2019→

December, 2019  (Click listings for more information) .
05  New Linux vulnerability lets attackers hijack VPN connections.
05  Original Surface Books with swollen batteries, a cautionary story.
05  AT&T, Verizon subscribers mobile bills turn up on the open Web.
05  All’s clear to install Microsoft’s November patches.
04  Microsoft Remote Desktop Client for iOS is back after bug fixes.
04  Ubuntu Linux gets Intel microcode update to fix CPU hangs.
04  Fix issued for the 2019 13-inch MacBook Pro shutdown issue.
04  Patch Lady – watch out for banner ad scams.
04  Reported profile problems with the newly updated Firefox.
03  Smith & Wesson site hacked to steal customer payment info.
03  Microsoft releases 2019 Office updates with Auth issue fix.
03  Firefox 71 released with picture-in-picture support and more.
03  Android ups mobile security with default TLS encryption.
03  FTC warns of scam spreading scary terrorism allegations.
03  Avast & AVG Firefox extensions pulled from Mozilla addon site.
03  Security patch brings some Pixel 4 features to older Pixels.
02  Facebook Ads Manager targeted by new info-stealing Trojan.
02  Microsoft warns of spear phishing attacks, tips to dodge them.
02  Fake Steam skin giveaway site steals your login credentials.
02  Actively exploited StrandHogg vulnerability affects Android OS.
01  This Week in Security – by Zack Whittaker.
01  Microsoft Remote Desktop 10.0 for iOS released, then pulled.

November, 2019  (Click listings for more information) .
30  The web has a padlock problem.
30  Here’s why the free upgrade from Win7 to Win10 still works.
29  Chrome password stealer sends data to a MongoDB database.
29  Netflix account freeze – don’t click, it’s a scam!
28  Patch Lady – cleaning up the installer folder.
28  Microsoft is updating its Remote Desktop app for iOS.
28  Beware of Thanksgiving eCard emails distributing malware.
27  Microsoft warns of uncommon Windows 10 Thunderbolt issue.
26  Win10 1909 KB4517245 update causes File Explorer issues.
26  HP warns that some SSD drives will fail at 32,768 hours of use.
26  Holiday Scam Season Is Here for All Shoppers.
26  Magecart group switches up tactics with MiTM, phishing.
26  Phishers create fake sites as bait for holiday shopping deals.
25  Surface Laptop 3 & Pro X get driver and firmware updates.
25  Running Win10 version 1803 or 1809? You have options.
25  Microsoft fixes Win10 Qualcomm Wi-Fi driver update block.
24  This Week in Security – by Zack Whittaker.
24  Phishing spotlight: Login to unblock Microsoft Excel.
24  Known problems with Windows 10 version 1909.
23  Win10 upgrades blocked if using old versions of AVG, Avast.
23  TrickBot Trojan ready to steal OpenSSH & OpenVPN keys.
22  The Week in Ransomware – Leaky Files.
22  Data-enriched profiles on 1.2B people exposed in leak.
22  Say goodbye to Windows Defender Exploit Guard.
22  iOS 13 bugs lead Apple to change the way it’s testing iOS 14.
21  Microsoft Outlook for Android gets spoofing vulnerability fix.
21  DePriMon malware registers itself as a Windows print monitor.
21  Some people are finding that Windows shutdown is blocked.
21  Popular apps on Google Play Store remain unpatched.
20  Update WhatsApp: MP4 video bug exposes your messages.
20  Adobe Acrobat and Reader 2015 reach end of support.
20  uBlock Origin now blocks sneaky first-party trackers in Firefox.
19  D-Link adds more buggy router models to ‘Won’t Fix’ list.
19  Rollup previews for Win7, 8.1, Server 2008 SP2, 2012 and .Net.
19  Android Camera bug lets apps record video without permission.
18  Macy’s customer payment info stolen in Magecart data breach.
18  Win10 November Update is now available via the Update Assistant.
18  Google just released Google Chrome 78.0.3904.108.
18  Older Surface devices get driver updates to address connectivity issues.
18  IRS publishes guidance to help taxpayers fight identity theft.
18  Apple releases iOS 13.2.3 with more fixes.
18  Intel is removing end of life drivers and BIOS downloads.
17  This Week in Security – by Zack Whittaker.
17  How to download the Windows 10 1909 ISO from Microsoft.
17  How to rebuild a Win7 system with minimal snooping.
16  Microsoft removes Win10 1909 Realtek driver update block.
16  Thousands of hacked Disney+ accounts are already for sale.
15  The Week in Ransomware – Holy Ransomware.
15  Malicious sites found posing as well-known retailers.
15  What we know about the Win10 version 1909 upgrade.
15  Phishing scam warns that your password will be changed.
14  Intel patched 77 vulnerabilities in November Platform Update.
14  The MSRT update that’s been bouncing around is fixed now.
14  Win10 Update Assistant to move to 1909 next week.
14  Qualcomm bug exposes critical data on Samsung, LG phones.
13  Microsoft auto-updating Win10 1803 devices to May 2019 Update.
13  Microsoft fixes Win10 1809 issue that broke Defender ATP.
13  TPM-FAIL security flaws impact modern devices with Intel CPUs.
13  Patch Tuesday arrives with Access error, 1909 in tow.
13  Microsoft releases the November security updates for Office.
12  Microsoft fixes Win10 Update and Intel driver battery drain.
12  Win10 Cumulative Update KB4524570 & KB4523205 released.
12  Microsoft’s Patch Tuesday fixes IE zero-day, 74 flaws.
12  Patches this Patch Tuesday for Windows 7 and 8.1.
12  Windows 10 November 2019 Update is now available.
12  McAfee patches privilege escalation flaw in antivirus software.
12  Google collecting Americans’ healthcare data without consent.
11  Windows 10 missing deferred update settings bug fixed.
11  Windows 10 bug causes USB drives to show the wrong icon.
11  Make sure Windows Auto Update is temporarily disabled.
10  This Week in Security – by Zack Whittaker.
09  US Govt asks users to be wary of holiday scams and malware.
08  The Week in Ransomware – Now Targeting Passwords.
08  Apple Mail on macOS leaves parts of encrypted emails in plaintext.
08  Microsoft may release Win10 version 1909 next Tuesday.
07  Microsoft warns of more harmful Windows BlueKeep attacks.
07  QNAP warns users to secure NAS devices against malware.
07  Disappearing Windows Update deferral pane suddenly reappears.
07  Specially crafted ZIP files used to bypass secure email gateways.
06  NVIDIA fixes security flaws in GPU driver, GeForce Experience.
06  Google allies with security companies to boost Play Store safety.
06  TrendMicro employee sold customer info to tech support scammers.
05  Microsoft issues non-security Office updates with memory leak fix.
05  Chrome OS update adds virtual desktops, easier printer use.
05  Fraudulent tech-support sites cause Firefox to freeze.
04  Malwarebytes 4.0 released with new UI & scanning engine.
03  This Week in Security – by Zack Whittaker.
03  BlueKeep attacks are happening, but it’s not a worm.
02  Android bug lets hackers plant malware via NFC beaming.
01  Windows 10 1903 affected by setup bug, workaround ready.
01  The Week in Ransomware – A Mix of Good and Bad.
01  Office for Mac users warned of malicious SYLK files.
01  Microsoft releases PowerToys 0.13, fixing a range of bugs.
01  It’s now time to install the October patches.
01  Android keyboard app could swindle 40 million users.
01  Chrome zero-day bug with exploit in the wild gets a patch.
01  How to block the Windows 10 version 1909 from installing.

October, 2019  (Click listings for more information) .
31  Google Releases Security Updates for Chrome.
31  Emotet Trojan brings a malware scare with Halloween emails.
31  Microsoft shares solutions for Windows TLS failures, timeouts.
31  Discord abused to spread malware and harvest stolen data.
31  Gafgyt variant recruits routers to DDoS servers for Valve games.
30  Microsoft issues workaround for Windows 10 user creation IME bug.
30  Another patch-induced conflict: Transport Layer Security fails.
30  Chrome 78 disables Code Integrity check to mitigate “Aw Snap!” crashes.
30  Dedoimedo: Straight talk about Windows 7.
30  Got an early iPhone or iPad? Update now!!!
29  macOS 10.15.1 & watchOS 6.1 are out with support for AirPods Pro, older devices, & more.
29  Windows 10 PowerToys updated with batch renamer tool.
29  October updates bring problems – Woody on Windows.
29  xHelper Trojan variant reinstalls itself after removal.
29  NordVPN plans security and privacy upgrades after hack.
29  Mozilla provides workaround for Firefox 70 not loading sites.
28  How to update the Marvell driver for your Surface device.
28  Apple releases iOS 13.2 with Deep Fusion, new emojis.
28  Windows 10 1903 update block removed after Bluetooth fix.
27  How to perform Windows Defender Offline scan in Windows 10.
27  Windows 10 Start Menu, search issues continue after update.
27  This Week in Security – by Zack Whittaker.
27  Watch out for non-MS Surface Pro 7 drivers.
25  The Week in Ransomware – Two Week Edition.
25  P&G online Beauty Store hacked to steal payment info.
25  Microsoft fixes Win10 1903 network issue, update block stays.
25  How to fix “Aw Snap!” crash in Google Chrome 78.
25  Google to replace Home devices bricked by firmware update.
24  Raccoon malware scavenges 100,000+ devices to steal data.
24  Win10 1903 KB4522355 update released with Start Menu fixes.
24  Symantec antivirus crashes Chrome 78 browsers.
24  Apple removes 17 malicious iOS apps from App Store.
24  Malicious Android apps hide ads from Google employees.
24  OneDrive for iOS update squashes numerous iPad & iOS 13 bugs.
24  Samsung rolls out fix for Galaxy S10 fingerprint sensor glitch.
23  FBI issues warning about e-skimming (Magecart) attacks.
23  FTC issues guidance on protecting against SIM swap attacks.
23  Fujitsu wireless keyboard plagued by unpatched flaws.
23  The difference between Defer, Pause and Delay updates.
22  Chrome 78 released with DoH trial, Tab Hover Cards, & more.
22  Firefox 70 released with in-browser data breach notifications.
21  Avast, NordVPN breaches tied to phantom user accounts.
21  New Win10 Secured-core PCs block firmware-level attacks.
Windows 10 version 1803 hits end of support on Nov. 12.
21  Google to roll out update to fix Pixel 4 Face Unlock bypass.
20  Alexa & Google Home devices leveraged to phish & eavesdrop on users.
20  How to update Windows 10 drivers manually.
20  This Week in Security – by Zack Whittaker.
19  Patch Lady – okay Microsoft, how about you help?
18  Microsoft 365 authentication outage, users unable to login.
18  Processor requirements updated for Win10 versions 1903 & 1909.
18  Win10 KB4520062 Update may break Microsoft Defender ATP.
18  Some Android apps hide icons to make it hard to remove them.
18  Phishy text message tries to steal your cellphone account.
17  UC Browser Android users exposed to MiTM attacks.
17  Google Chrome 77 added new site isolation security features.
17  Stripe users targeted in phishing attack that steals banking info.
17  Amazon Echo and Kindle devices affected by WiFi bug.
16  Attackers hide backdoors & cryptominers in WAV audio files.
16  Another Win10 version 1903 cumulative update video bug.
16  Getting “unexpected error; quitting” in Win10 version 1903?
16  Malware uses your PC to send 30K sextortion emails per hr.
16  Domain typosquatters target the 2020 presidential election.
15  Symantec fixes bad IPS definitions that cause a Windows BSOD.
15  Adobe fixes 45 critical vulnerabilities in Acrobat and Reader.
15  2nd October cumulative updates posted – optional, non-security.
15  Samsung Galaxy S10 fingerprint reader defeated by silicone case.
14  Mozilla rolls out code injection attack protection in Firefox.
14  Facebook users locked out after reporting fake accounts.
14  How to make Windows 10 pause updates for a period of time.
14  Apple responds to reports that it sends user traffic to China.
14  Google & Yubico unveils new USB-C Titan Security Key.
14  Creating custom Sandbox configurations in Windows 10.
14  Microsoft now enables Win10 Tamper Protection by default.
13  This Week in Security – by Zack Whittaker.
13  Win10 version 1903 cumulative update & ASUS sound card bugs.
12  Use iTunes for Windows? Update Now!
12  Vulnerability found and fixed in HP bloatware.
12  Can now install Win10 version 1903 on Surface Book 2 PCs.
11  The Week in Ransomware – Decryptors Released!
11  Win10 KB4517389 update may cause Start Menu & Edge issues.
11  Microsoft fixes disappearing GPU issue on Surface Book 2.
11  Windows 10 Update Assistant vulnerability needs manual fix.
11  Google releases security updates for Chrome.
11  Windows 10 1703 is now end of service, no more updates.
10  Nemty Ransomware decryptor released, for free.
10  Microsoft won’t fix a security flaw in Windows 10 Mobile.
10  HP Touchpoint Analytics opens PCs to code execution attack.
10  Apple iTunes bug actively exploited in BitPaymer/iEncrypt campaign.
10  iTerm2 patches critical vulnerability active for 7 years.
09  Apple releases watchOS 5.3.2 for Apple Watch Series 4.
09  Patch Tuesday Lowdown, October 2019 Edition.
09  Beware of fake Amazon AWS suspension emails.
09  Patch Tuesday report: Looks like the fourth time’s a charm.
08  Win10 Servicing Stack Updates fix Secure Boot issues.
08  Here’s what’s new for Windows 8.1 and Windows 7.
08  Win10 cumulative update KB4517389 & KB4519338 released.
08  Microsoft releases the October security updates for Office.
08  Microsoft’s October Patch Tuesday fixes 59 vulnerabilities.
08  Win10 1803 users warned to update before end of support.
07  Twitter API leaves thousands of iOS Apps open to attacks.
07  RIP iTunes: Apple releases macOS 10.15 Catalina.
07  RobbinHood Ransomware using street cred to make victims pay.
07  Ransomware victim hacks back, releases decryption keys.
07  Some Windows 10 users can’t use Firefox for downloads.
06  Check if you are in the Sephora & StreetEasy data breaches.
06  DNS-over-HTTPS causes more problems than it solves.
05  HildaCrypt Ransomware developer releases decryption keys.
05  Optional cumulative update for 1903 breaks Search & VMware Workstation for some.
05  Win10 KB4524147 Update may cause boot & printing issues.
05  All out-of-band patches were re-issued in the past few hours.
04  Patch Lady – what’s the real risk?
04  The Week in Ransomware – That’s all Folks.
04  Windows 10 Cumulative Update breaks the Start menu.
04  Google says old Android vulnerability being used in the wild.
04  Magecart impacts hundreds of thousands of websites.
04  Trojan sets its sights on Microsoft Windows Defender.
03  Four U.S. food chains disclose payment card data theft.
03  Security updates released for all versions of Windows 10.
03  ‘Lost Files’ data wiper poses as a Windows security scanner.
03  Google Chrome to gradually start blocking mixed content.
03  WhatsApp flaw opens Android devices to remote code execution.
02  Google’s new privacy features for YouTube, Maps, & Assistant.
02  Google launches Password Checkup to verify security.
02  Security breach may impact orgs like Uber, Slack, & FCC.
02  American Express customer info accessed by employee.
02  Time to install Microsoft’s mainstream September patches.
01  Microsoft releases October 2019 Office updates with fixes.
01  Fake Office Activation Wizard docs used to spread Trojan.
01  Windows 10 1903 cumulative update breaks printing.
01  Hack allows reading of password protected PDF files.
01  Eight vulnerabilities found in Android’s VoIP components.